enhance(secrets): verify casing of orgs and repos in SCM before adding secret (#700)

* enhance(secrets): verify casing and existence of orgs and repos in SCM before adding secret

* fix some comments

* add clarifying comments

* ditch equalfold check since it will always be true at that point

Author: ecrupper

api/secret.go

@@ -109,6 +109,55 @@ func CreateSecret(c *gin.Context) {
 		}
 	}
 
+	if strings.EqualFold(t, constants.SecretOrg) {
+		// retrieve org name from SCM
+		//
+		// SCM can be case insensitive, causing access retrieval to work
+		// but Org/Repo != org/repo in Vela. So this check ensures that
+		// what a user inputs matches the casing we expect in Vela since
+		// the SCM will have the source of truth for casing.
+		org, err := scm.FromContext(c).GetOrgName(u, o)
+		if err != nil {
+			retErr := fmt.Errorf("unable to retrieve organization %s", o)
+
+			util.HandleError(c, http.StatusNotFound, retErr)
+
+			return
+		}
+
+		// check if casing is accurate
+		if org != o {
+			retErr := fmt.Errorf("unable to retrieve organization %s. Did you mean %s?", o, org)
+
+			util.HandleError(c, http.StatusNotFound, retErr)
+
+			return
+		}
+	}
+
+	if strings.EqualFold(t, constants.SecretRepo) {
+		// retrieve repo name from SCM
+		//
+		// same story as org secret. SCM has accurate casing.
+		scmRepo, err := scm.FromContext(c).GetRepoName(u, o, n)
+		if err != nil {
+			retErr := fmt.Errorf("unable to retrieve repository %s/%s", o, n)
+
+			util.HandleError(c, http.StatusNotFound, retErr)
+
+			return
+		}
+
+		// check if casing is accurate
+		if scmRepo != n {
+			retErr := fmt.Errorf("unable to retrieve repository %s. Did you mean %s?", n, scmRepo)
+
+			util.HandleError(c, http.StatusNotFound, retErr)
+
+			return
+		}
+	}
+
 	// update engine logger with API metadata
 	//
 	// https://pkg.go.dev/github.com/sirupsen/logrus?tab=doc#Entry.WithFields

scm/github/org.go

@@ -0,0 +1,43 @@
+// Copyright (c) 2022 Target Brands, Inc. All rights reserved.
+//
+// Use of this source code is governed by the LICENSE file in this repository.
+
+package github
+
+import (
+	"net/http"
+
+	"github.com/sirupsen/logrus"
+
+	"github.com/go-vela/types/library"
+)
+
+// GetOrgName gets org name from Github.
+func (c *client) GetOrgName(u *library.User, o string) (string, error) {
+	c.Logger.WithFields(logrus.Fields{
+		"org":  o,
+		"user": u.GetName(),
+	}).Tracef("retrieving org information for %s", o)
+
+	// create GitHub OAuth client with user's token
+	client := c.newClientToken(u.GetToken())
+
+	// send an API call to get the org info
+	orgInfo, resp, err := client.Organizations.Get(ctx, o)
+
+	orgName := orgInfo.GetLogin()
+
+	// if org is not found, return the personal org
+	if resp.StatusCode == http.StatusNotFound {
+		user, _, err := client.Users.Get(ctx, "")
+		if err != nil {
+			return "", err
+		}
+
+		orgName = user.GetLogin()
+	} else if err != nil {
+		return "", err
+	}
+
+	return orgName, nil
+}

scm/github/org_test.go

@@ -0,0 +1,131 @@
+// Copyright (c) 2022 Target Brands, Inc. All rights reserved.
+//
+// Use of this source code is governed by the LICENSE file in this repository.
+
+package github
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"reflect"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+
+	"github.com/go-vela/types/library"
+)
+
+func TestGithub_GetOrgName(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	resp := httptest.NewRecorder()
+	_, engine := gin.CreateTestContext(resp)
+
+	// setup mock server
+	engine.GET("/api/v3/orgs/:org", func(c *gin.Context) {
+		c.Header("Content-Type", "application/json")
+		c.Status(http.StatusOK)
+		c.File("testdata/get_org.json")
+	})
+
+	s := httptest.NewServer(engine)
+	defer s.Close()
+
+	// setup types
+	u := new(library.User)
+	u.SetName("foo")
+	u.SetToken("bar")
+
+	want := "github"
+
+	client, _ := NewTest(s.URL)
+
+	// run test
+	got, err := client.GetOrgName(u, "github")
+
+	if resp.Code != http.StatusOK {
+		t.Errorf("GetOrgName returned %v, want %v", resp.Code, http.StatusOK)
+	}
+
+	if err != nil {
+		t.Errorf("GetOrgName returned err: %v", err)
+	}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Errorf("GetOrgName is %v, want %v", got, want)
+	}
+}
+
+func TestGithub_GetOrgName_Personal(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	resp := httptest.NewRecorder()
+	_, engine := gin.CreateTestContext(resp)
+
+	// setup mock server
+	engine.GET("/api/v3/user", func(c *gin.Context) {
+		c.Header("Content-Type", "application/json")
+		c.Status(http.StatusOK)
+		c.File("testdata/user.json")
+	})
+
+	s := httptest.NewServer(engine)
+	defer s.Close()
+
+	// setup types
+	u := new(library.User)
+	u.SetName("foo")
+	u.SetToken("bar")
+
+	want := "octocat"
+
+	client, _ := NewTest(s.URL)
+
+	// run test
+	got, err := client.GetOrgName(u, "octocat")
+
+	if resp.Code != http.StatusOK {
+		t.Errorf("GetOrgName returned %v, want %v", resp.Code, http.StatusOK)
+	}
+
+	if err != nil {
+		t.Errorf("GetOrgName returned err: %v", err)
+	}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Errorf("GetOrgName is %v, want %v", got, want)
+	}
+}
+
+func TestGithub_GetOrgName_Fail(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	resp := httptest.NewRecorder()
+	_, engine := gin.CreateTestContext(resp)
+
+	// setup mock server
+	engine.GET("/api/v3/orgs/:org", func(c *gin.Context) {
+		c.Header("Content-Type", "application/json")
+		c.Status(http.StatusNotFound)
+	})
+
+	s := httptest.NewServer(engine)
+	defer s.Close()
+
+	// setup types
+	u := new(library.User)
+	u.SetName("foo")
+	u.SetToken("bar")
+
+	client, _ := NewTest(s.URL)
+
+	// run test
+	_, err := client.GetOrgName(u, "octocat")
+
+	if err == nil {
+		t.Error("GetOrgName should return error")
+	}
+}

scm/github/repo.go

@@ -309,6 +309,26 @@ func (c *client) GetRepo(u *library.User, r *library.Repo) (*library.Repo, error
 	return toLibraryRepo(*repo), nil
 }
 
+// GetRepoName returns the name of the repository in the SCM.
+func (c *client) GetRepoName(u *library.User, o string, r string) (string, error) {
+	c.Logger.WithFields(logrus.Fields{
+		"org":  o,
+		"repo": r,
+		"user": u.GetName(),
+	}).Tracef("retrieving repository information for %s/%s", o, r)
+
+	// create GitHub OAuth client with user's token
+	client := c.newClientToken(u.GetToken())
+
+	// send an API call to get the repo info
+	repo, _, err := client.Repositories.Get(ctx, o, r)
+	if err != nil {
+		return "", err
+	}
+
+	return repo.GetName(), nil
+}
+
 // ListUserRepos returns a list of all repos the user has access to.
 func (c *client) ListUserRepos(u *library.User) ([]*library.Repo, error) {
 	c.Logger.WithFields(logrus.Fields{

scm/github/repo_test.go

@@ -1013,6 +1013,79 @@ func TestGithub_GetRepo_Fail(t *testing.T) {
 	}
 }
 
+func TestGithub_GetRepoName(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	resp := httptest.NewRecorder()
+	_, engine := gin.CreateTestContext(resp)
+
+	// setup mock server
+	engine.GET("/api/v3/repos/:owner/:repo", func(c *gin.Context) {
+		c.Header("Content-Type", "application/json")
+		c.Status(http.StatusOK)
+		c.File("testdata/get_repo.json")
+	})
+
+	s := httptest.NewServer(engine)
+	defer s.Close()
+
+	// setup types
+	u := new(library.User)
+	u.SetName("foo")
+	u.SetToken("bar")
+
+	want := "Hello-World"
+
+	client, _ := NewTest(s.URL)
+
+	// run test
+	got, err := client.GetRepoName(u, "octocat", "Hello-World")
+
+	if resp.Code != http.StatusOK {
+		t.Errorf("GetRepoName returned %v, want %v", resp.Code, http.StatusOK)
+	}
+
+	if err != nil {
+		t.Errorf("GetRepoName returned err: %v", err)
+	}
+
+	if !reflect.DeepEqual(got, want) {
+		t.Errorf("GetRepoName is %v, want %v", got, want)
+	}
+}
+
+func TestGithub_GetRepoName_Fail(t *testing.T) {
+	// setup context
+	gin.SetMode(gin.TestMode)
+
+	resp := httptest.NewRecorder()
+	_, engine := gin.CreateTestContext(resp)
+
+	// setup mock server
+	engine.GET("/api/v3/repos/:owner/:repo", func(c *gin.Context) {
+		c.Header("Content-Type", "application/json")
+		c.Status(http.StatusNotFound)
+	})
+
+	s := httptest.NewServer(engine)
+	defer s.Close()
+
+	// setup types
+	u := new(library.User)
+	u.SetName("foo")
+	u.SetToken("bar")
+
+	client, _ := NewTest(s.URL)
+
+	// run test
+	_, err := client.GetRepoName(u, "octocat", "Hello-World")
+
+	if err == nil {
+		t.Error("GetRepoName should return error")
+	}
+}
+
 func TestGithub_ListUserRepos(t *testing.T) {
 	// setup context
 	gin.SetMode(gin.TestMode)

scm/github/testdata/get_org.json

@@ -0,0 +1,53 @@
+{
+  "login": "github",
+  "id": 1,
+  "node_id": "MDEyOk9yZ2FuaXphdGlvbjE=",
+  "url": "https://api.github.com/orgs/github",
+  "repos_url": "https://api.github.com/orgs/github/repos",
+  "events_url": "https://api.github.com/orgs/github/events",
+  "hooks_url": "https://api.github.com/orgs/github/hooks",
+  "issues_url": "https://api.github.com/orgs/github/issues",
+  "members_url": "https://api.github.com/orgs/github/members{/member}",
+  "public_members_url": "https://api.github.com/orgs/github/public_members{/member}",
+  "avatar_url": "https://github.com/images/error/octocat_happy.gif",
+  "description": "A great organization",
+  "name": "github",
+  "company": "GitHub",
+  "blog": "https://github.com/blog",
+  "location": "San Francisco",
+  "email": "[email protected]",
+  "twitter_username": "github",
+  "is_verified": true,
+  "has_organization_projects": true,
+  "has_repository_projects": true,
+  "public_repos": 2,
+  "public_gists": 1,
+  "followers": 20,
+  "following": 0,
+  "html_url": "https://github.com/octocat",
+  "created_at": "2008-01-14T04:33:35Z",
+  "updated_at": "2014-03-03T18:58:10Z",
+  "type": "Organization",
+  "total_private_repos": 100,
+  "owned_private_repos": 100,
+  "private_gists": 81,
+  "disk_usage": 10000,
+  "collaborators": 8,
+  "billing_email": "[email protected]",
+  "plan": {
+    "name": "Medium",
+    "space": 400,
+    "private_repos": 20,
+    "filled_seats": 4,
+    "seats": 5
+  },
+  "default_repository_permission": "read",
+  "members_can_create_repositories": true,
+  "two_factor_requirement_enabled": true,
+  "members_allowed_repository_creation_type": "all",
+  "members_can_create_public_repositories": false,
+  "members_can_create_private_repositories": false,
+  "members_can_create_internal_repositories": false,
+  "members_can_create_pages": true,
+  "members_can_fork_private_repositories": false
+}